BIND DNS Server Vulnerable to Remote Crash - #CVE-2025-40775
The Internet Systems Consortium (ISC) has disclosed a high-severity vulnerability in BIND DNS servers, identified as CVE-2025-40775 with a CVSS score of 7.5. The flaw allows remote attackers to crash affected servers by exploiting a weakness in TSIG authentication processing. It affects BIND versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7, and can cause denial-of-service conditions that disrupt DNS name resolution. ISC recommends upgrading to the patched versions, BIND 9.20.9 or BIND 9.21.8, to mitigate the risk. No active exploits had been observed at the time of disclosure, which gives administrators an opportunity to address the issue proactively.
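
As an added example (not ISC's code and not part of the original advisory), the shell function below classifies a BIND version string, or a full `named -v` line, against the version ranges listed above. The function name and the status labels it prints are assumptions of this example.

```shell
#!/bin/sh
# Added example: check a BIND version against the ranges this page lists
# for CVE-2025-40775. Usage on a server: bind_cve_2025_40775_status "$(named -v)"
#
# Prints one of:
#   affected    9.20.0-9.20.8 or 9.21.0-9.21.7
#   fixed       9.20.9 or later on 9.20, 9.21.8 or later on 9.21
#   not-listed  a branch the advisory text above does not mention
#   unknown     no x.y.z version found in the input
# Caveat: distribution packages may backport fixes without changing the
# upstream version number, so confirm "affected" against the vendor changelog.
bind_cve_2025_40775_status() {
    # Extract the first x.y.z triple; suffixes such as "-1ubuntu1" are dropped.
    ver=$(printf '%s\n' "$1" |
        sed -n 's/^[^0-9]*\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p')
    if [ -z "$ver" ]; then echo unknown; return 0; fi

    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    patch=${rest#*.}

    if [ "$major" -ne 9 ]; then echo not-listed; return 0; fi
    case "$minor" in
        20) last_affected=8 ;;   # fixed in 9.20.9
        21) last_affected=7 ;;   # fixed in 9.21.8
        *)  echo not-listed; return 0 ;;
    esac

    if [ "$patch" -le "$last_affected" ]; then
        echo affected
    else
        echo fixed
    fi
}
```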